P
US8166301B2ExpiredUtilityPatentIndex 83

Enabling stateless server-based pre-shared secrets

Assignee: CAM-WINGET NANCYPriority: Jan 12, 2004Filed: Aug 22, 2007Granted: Apr 24, 2012
Est. expiryJan 12, 2024(expired)· nominal 20-yr term from priority
Inventors:CAM-WINGET NANCYZHOU HAOJAKKAHALLI PADMANABHA CSALOWEY JOSEPHMCGREW DAVID A
H04L 63/0435H04L 63/08H04L 67/14H04L 9/0822H04L 9/0841
83
PatentIndex Score
9
Cited by
62
References
20
Claims

Abstract

A method is disclosed for enabling stateless server-based pre-shared secrets. Based on a local key that is not known to a client, a server encrypts the client's state information. The client's state information may include, for example, the client's authentication credentials, the client's authorization characteristics, and a shared secret key that the client uses to derive session keys. By any of a variety of mechanisms, the encrypted client state information is provided to the client. The server may free memory that stored the client's state information. When the server needs the client's state information, the client sends, to the server, the encrypted state information that the client stored. The server decrypts the client state information using the local key. Because each client stores that client's own state information in encrypted form, the server does not need to store any client's state information permanently.

Claims

exact text as granted — not AI-modified
1. A method of storing client states on a client, the method comprising the computer-implemented steps of:
 receiving, by the client from a first server, first encrypted client state information, wherein the first encrypted client state information has been encrypted by the first server using a first local key that is not known to the client and wherein the first encrypted client state information includes a first shared secret key; 
 sending the first encrypted client state information, by the client, to the first server to cause the first server to obtain, based on the first encrypted client state information, the first shared secret key, and to derive, based on the first shared secret key included in the first encrypted client state information, a first derived key; 
 sending, by the client, a first message that has been encrypted based on the first derived key that was derived from the first shared secret key; 
 receiving, by the client, a second message that has been encrypted by the first server based on the first derived key; 
 wherein the method is performed by one or more computing devices. 
 
     
     
       2. A method as recited in  claim 1 , further comprising storing, at the client, the first encrypted client state information that has been received by the client. 
     
     
       3. A method as recited in  claim 1 , wherein sending the first encrypted client state information to the first server includes sending the first encrypted client state information in response to receiving a request, from the first server, for the first encrypted client state information. 
     
     
       4. A method as recited in  claim 1 , wherein sending the first encrypted client state information to the first server includes sending the first encrypted client state information when the client initiates communication with the first server. 
     
     
       5. A method as recited in  claim 1 , wherein the first encrypted client state information includes a lifetime value that indicates a future time at which the first server should deem the first encrypted client state information to be expired. 
     
     
       6. A method as recited in  claim 1 , wherein the first encrypted client state information includes a value that uniquely identifies the client. 
     
     
       7. A method as recited in  claim 1 , further comprising sending, by the client to the first server, an index value that is associated with the local key and an identity of the first server. 
     
     
       8. A method as recited in  claim 1 , further comprising:
 receiving, by the client from a second server, second encrypted client state information, wherein the second encrypted client state information has been encrypted by the second server using a second local key that is not known to the client and wherein the second encrypted client state information includes a second shared secret key; 
 sending, by the client, the second encrypted client state information to the second server; 
 sending, by the client, a second message that has been encrypted based on a second derived key that was derived from the second shared secret key; 
 based on the second derived key, further protecting an ensuing second conversation between the client and the second server. 
 
     
     
       9. A non-transitory computer-readable storage medium carrying one or more sequences of instructions for storing client states on a client, which instructions, when 
       executed by one or more processors, cause the one or more processors to carry out the steps of:
 receiving, by the client from a first server, first encrypted client state information, wherein the first encrypted client state information has been encrypted by the first server using a first local key that is not known to the client and wherein the first encrypted client state information includes a first shared secret key; 
 sending the first encrypted client state information, by the client, to the first server to cause the first server to obtain, based on the first encrypted client state information, the first shared secret key, and to derive, based on the first shared secret key included in the first encrypted client state information, a first derived key; 
 sending, by the client, a first message that has been encrypted based on the first derived key that was derived from the first shared secret key; 
 receiving, by the client, a second message that has been encrypted by the first server based on the first derived key. 
 
     
     
       10. An apparatus for storing client states on a client, comprising:
 means for receiving, by the client from a first server, first encrypted client state information, wherein the first encrypted client state information has been encrypted by the first server using a first local key that is not known to the client and wherein the first encrypted client state information includes a first shared secret key; 
 means for sending the first encrypted client state information, by the client, to the first server to cause the first server to obtain, based on the first encrypted client state information, the first shared secret key, and to derive, based on the first shared secret key included in the first encrypted client state information, a first derived key; 
 means for sending, by the client, a first message that has been encrypted based on the first derived key that was derived from the first shared secret key; 
 means for receiving, by the client, a second message that has been encrypted by the first server based on the first derived key. 
 
     
     
       11. An apparatus as recited in  claim 10 , further comprising means for storing, at the client, the first encrypted client state information that has been received by the client. 
     
     
       12. An apparatus as recited in  claim 10 , wherein the first encrypted client state information includes a value that uniquely identifies the client. 
     
     
       13. An apparatus for avoiding the storage of client state on a server, comprising:
 a network interface that is coupled to a data network for receiving one or more packet flows therefrom; 
 a processor; 
 one or more stored sequences of instructions which, when executed by the processor, cause the processor to carry out the steps of:
 receiving, by the client from a first server, first encrypted client state information, wherein the first encrypted client state information has been encrypted by the first server using a first local key that is not known to the client and wherein the first encrypted client state information includes a first shared secret key; 
 sending the first encrypted client state information, by the client, to the first server to cause the first server to obtain, based on the first encrypted client state information, the first shared secret key, and to derive, based on the first shared secret key included in the first encrypted client state information, a first derived key; 
 deriving, by the client, the first derived key based on the first shared secret key; 
 sending, by the client, a first message that has been encrypted based on the first derived key that was derived from the first shared secret key; 
 receiving, by the client, a second message that has been encrypted by the first server based on the first derived key. 
 
 
     
     
       14. An apparatus as recited in  claim 13 , wherein the one or more stored sequences of instructions comprise instructions which, when executed by the processor, cause the processor to further carry out storing, at the client, the first encrypted client state information that has been received by the client. 
     
     
       15. An apparatus as recited in  claim 13 , wherein sending the first encrypted client state information to the first server includes sending the first encrypted client state information in response to receiving a request, from the first server, for the first encrypted client state information. 
     
     
       16. An apparatus as recited in  claim 13 , wherein sending the first encrypted client state information to the first server includes sending the first encrypted client state information when the client initiates communication with the first server. 
     
     
       17. An apparatus as recited in  claim 13 , wherein the first encrypted client state information includes a lifetime value that indicates a future time at which the first server should deem the first encrypted client state information to be expired. 
     
     
       18. An apparatus as recited in  claim 13 , wherein the first encrypted client state information includes a value that uniquely identifies the client. 
     
     
       19. An apparatus as recited in  claim 13 , wherein the one or more stored sequences of instructions comprise instructions which, when executed by the processor, cause the processor to further carry out sending, by the client to the first server, an index value that is associated with the local key and an identity of the first server. 
     
     
       20. An apparatus as recited in  claim 13 , wherein the one or more stored sequences of instructions comprise instructions which, when executed by the processor, cause the processor to further carry out:
 receiving, by the client from a second server, second encrypted client state information of the client, wherein the second encrypted client state information has been encrypted by the second server using a second local key that is not known to the client and wherein the second encrypted client state information includes a second shared secret key; 
 sending, by the client, the second encrypted client state information to the second server; 
 sending, by the client, a second message that has been encrypted based on a second derived key that was derived from the second shared secret key; 
 based on the second derived key, further protecting an ensuing second conversation between the client and the second server.

Cited by (0)

No later patents cite this yet.

References (0)

No backward citations on record.